What's the best way of assigning addresses to applications over the network?

[Southpaw1496]

For many applications, I'd like a convenient way to be able to connect to them from over the network after they're up and running. Ideally, I'd have the option for each Application to broadcast an address over mDNS, so that I could have jellyfin.local, pihole.local, nextcloud.local, etc. I requested this feature, but what's the current best way to do it? Should I set up PiHole and create "fake" .local addresses pointing to the machine running TrueNAS, then put the containers behind a reverse proxy? Can I somehow link them to a "real" domain? Do I just have to connect using the IP and port? Is there another option I haven't considered?

 

[JohnDigital]

I do access some services remotely and I use a BAMP stack in a jail to handle all of this via https reverse proxy to a domain I own and can control the CNAMES of... Works slick and the same can be accomplished using nginx as well. It will be a heightened security risk exposing this to the internet, but its kind of the purpose of a BAMP jail/nextcloud. You should ponder that. But you mention nextcloud and this is the preferred way to do that, because its pointless if that isnt exposed to the internet. In my rig its all set up to do https://nextcloud.example.com or https://blueiris.example.com etc... The apache server handles the port forward internally via the virtualhost file.

There are steps involved here, especially if you want to properly https cert everything and such..

You can do as you describe though and set it all up as an internal webserver only easy enough by never forwarding port 21 or 443 to the jail. In which case you would just do http://apache.local or whatever you set the server name as.

 

[danb35]

Should I set up PiHole and create "fake" .local addresses pointing to the machine running TrueNAS, then put the containers behind a reverse proxy?

This is pretty much going to be it, I think, with possible variations on your choice of local DNS server. I use OPNsense for that; pfSense is perfectly capable of handling it as well. Your router may or may not be able to do this.

The details on the reverse proxy will also vary, and one of the variables will be whether you're using CORE or SCALE. If the latter, TrueCharts' integration of Traefik for ingress for its apps makes this very easy, all point-and-click. If CORE, it isn't quite as simple. My answer under CORE was to use Caddy as a reverse proxy--even though you're writing its configuration from scratch, it's so trivially easy that it hardly matters. I have a resource on setting up Caddy, along with a script to create the jail, if you want to go that way.

 

[Whattteva]

For many applications, I'd like a convenient way to be able to connect to them from over the network after they're up and running. Ideally, I'd have the option for each Application to broadcast an address over mDNS, so that I could have jellyfin.local, pihole.local, nextcloud.local, etc. I requested this feature, but what's the current best way to do it? Should I set up PiHole and create "fake" .local addresses pointing to the machine running TrueNAS, then put the containers behind a reverse proxy? Can I somehow link them to a "real" domain? Do I just have to connect using the IP and port? Is there another option I haven't considered?

Your router can do this through DHCP DNS registration. I do this through OPNsense. All my machines are basically setup with a hostname that gets registered by the router when they request an IP address. The router than combines the hostname with a local domain suffix and creates an entry on the DNS server (Unbound in my case).